Users of the Google Pack suite of software are most likely vulnerable, as this includes the Google Toolbar for Firefox, Soghoian said.

"Users are vulnerable and are at risk of an attacker silently installing malicious software on their computers. This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers," the researcher expalined.

Until vendors have fixed the problems, the researcher suggests that users should remove/disable all Firefox extensions except those that they are sure they have downloaded from the official Firefox Add-ons website (https://addons.mozilla.org). "If in doubt, delete the extension, and then download it again from a safe place," he said.